[test last]
This commit is contained in:
107
backup.yml
107
backup.yml
@@ -28,20 +28,21 @@
|
||||
###! DOCKER COMPOSE FILE
|
||||
############
|
||||
|
||||
# curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh
|
||||
# apk add --no-cache rust
|
||||
# pip install bitwarden-sdk
|
||||
# pip install bitwarden-sdk / cargo
|
||||
|
||||
# export BWS_ACCESS_TOKEN=<ACCESS_TOKEN_VALUE>
|
||||
# database_password: "{{ lookup('bitwarden.secrets.lookup', '<SECRET_ID>') }}"
|
||||
|
||||
#! ants - gouv
|
||||
- debug:
|
||||
msg: "{{ lookup('bitwarden.secrets.lookup', 'cc0c7222-858d-44be-86ab-e0534b6f34a9') }}"
|
||||
delegate_to: localhost
|
||||
environment:
|
||||
BW_CLIENTID: "{{ bw_client_id }}"
|
||||
BWS_ACCESS_TOKEN: "{{ bw_client_secret }}"
|
||||
BW_PASSWORD: "{{ bw_client_password }}"
|
||||
# #! ants - gouv
|
||||
# - debug:
|
||||
# msg: "{{ lookup('bitwarden.secrets.lookup', 'cc0c7222-858d-44be-86ab-e0534b6f34a9') }}"
|
||||
# delegate_to: localhost
|
||||
# environment:
|
||||
# BW_CLIENTID: "{{ bw_client_id }}"
|
||||
# BWS_ACCESS_TOKEN: "{{ bw_client_secret }}"
|
||||
# BW_PASSWORD: "{{ bw_client_password }}"
|
||||
# #! fin test
|
||||
# - name: Check if bw is installed
|
||||
# command: which bw
|
||||
@@ -50,22 +51,23 @@
|
||||
# delegate_to: localhost
|
||||
# changed_when: false
|
||||
|
||||
- name: Install Bitwarden CLI
|
||||
ansible.builtin.command:
|
||||
cmd: "{{ item }}"
|
||||
delegate_to: localhost
|
||||
loop:
|
||||
- apk add --no-cache nodejs npm
|
||||
- npm install -g @bitwarden/cli
|
||||
|
||||
- ansible.builtin.command:
|
||||
cmd: bw logout
|
||||
delegate_to: localhost
|
||||
ignore_errors: true
|
||||
#! script
|
||||
# - name: Install Bitwarden CLI
|
||||
# ansible.builtin.command:
|
||||
# cmd: "{{ item }}"
|
||||
# delegate_to: localhost
|
||||
# loop:
|
||||
# - apk add --no-cache nodejs npm
|
||||
# - npm install -g @bitwarden/cli
|
||||
|
||||
# - ansible.builtin.command:
|
||||
# cmd: bw logout
|
||||
# delegate_to: localhost
|
||||
# ignore_errors: true
|
||||
|
||||
- name: bitwarden token session
|
||||
ansible.builtin.command:
|
||||
shell: "{{ item }}"
|
||||
ansible.builtin.shell: "{{ item }}"
|
||||
environment:
|
||||
BW_CLIENTID: "{{ bw_client_id }}"
|
||||
BW_CLIENTSECRET: "{{ bw_client_secret }}"
|
||||
@@ -77,38 +79,53 @@
|
||||
delegate_to: localhost
|
||||
register: bw_session_result
|
||||
|
||||
- name: Return all secrets from a path
|
||||
ansible.builtin.debug: "{{ bw_session_result }}"
|
||||
|
||||
- name: Set BW_SESSION as environment variable globally
|
||||
ansible.builtin.set_fact:
|
||||
bw_session: "{{ bw_session_result.results[-1].stdout | trim }}"
|
||||
- name: Get secret from Bitwarden
|
||||
command:
|
||||
argv:
|
||||
- bw
|
||||
- get
|
||||
- password
|
||||
- "Token full access gitea"
|
||||
- --session
|
||||
- "{{ bw_session }}"
|
||||
delegate_to: localhost
|
||||
register: gitea_token_result
|
||||
no_log: true
|
||||
changed_when: false
|
||||
|
||||
- name: bitwarden token session
|
||||
ansible.builtin.command:
|
||||
shell: bw unlock --passwordenv BW_PASSWORD --raw
|
||||
environment:
|
||||
BW_CLIENTID: "{{ bw_client_id }}"
|
||||
BW_CLIENTSECRET: "{{ bw_client_secret }}"
|
||||
BW_PASSWORD: "{{ bw_client_password }}"
|
||||
- name: Return all secrets from a path
|
||||
ansible.builtin.debug: "{{ gitea_token_result }}"
|
||||
delegate_to: localhost
|
||||
|
||||
- name: Utiliser le lookup
|
||||
ansible.builtin.debug:
|
||||
msg: "{{ lookup('community.general.bitwarden', 'Token full access gitea', field='password', bw_session='{{ bw_session }}') }}"
|
||||
environment:
|
||||
BW_SESSION: "{{ bw_session }}"
|
||||
delegate_to: localhost
|
||||
|
||||
# - name: Return all secrets from a path
|
||||
# ansible.builtin.debug: "{{ bw_session }}"
|
||||
|
||||
- name: logout
|
||||
ansible.builtin.command:
|
||||
cmd: bw logout
|
||||
delegate_to: localhost
|
||||
|
||||
# - name: Set BW_SESSION as environment variable globally
|
||||
# ansible.builtin.set_fact:
|
||||
# bw_session: "{{ bw_session_result.results[-1].stdout | trim }}"
|
||||
# no_log: true
|
||||
|
||||
# - name: bitwarden token session
|
||||
# ansible.builtin.command:
|
||||
# shell: bw unlock --passwordenv BW_PASSWORD --raw
|
||||
# environment:
|
||||
# BW_CLIENTID: "{{ bw_client_id }}"
|
||||
# BW_CLIENTSECRET: "{{ bw_client_secret }}"
|
||||
# BW_PASSWORD: "{{ bw_client_password }}"
|
||||
# delegate_to: localhost
|
||||
|
||||
# - name: Utiliser le lookup
|
||||
# ansible.builtin.debug:
|
||||
# msg: "{{ lookup('community.general.bitwarden', 'Token full access gitea', field='password', bw_session='{{ bw_session }}') }}"
|
||||
# environment:
|
||||
# BW_SESSION: "{{ bw_session }}"
|
||||
# delegate_to: localhost
|
||||
|
||||
# # - name: Return all secrets from a path
|
||||
# # ansible.builtin.debug: "{{ bw_session }}"
|
||||
|
||||
# - name: Return all secrets from a path
|
||||
# delegate_to: localhost
|
||||
# ansible.builtin.debug:
|
||||
|
||||
Reference in New Issue
Block a user